<?php
header('Content-type: text/html; charset=iso');
include "cnx.php";
$message_error="";
$path_divx[]=null;
if(isset($_REQUEST["noDirectory"])&&($_REQUEST["noDirectory"]=="1")){
	$message_error="Error, No folder in DataBase.";
}
if(isset($_REQUEST["filepath"])&&($_REQUEST["filepath"]!="")){
	$_REQUEST["filepath"]=str_replace("\\", "\\\\", $_REQUEST["filepath"]);
	//on va vérifier s'il existe en base. sinon on met un message:
	$req="select Id from param where name='path' and value='".$_REQUEST["filepath"]."'";
	$result = mysql_query($req);
	if (!$result) {
   		$message_error='Bad request : ' . mysql_error().".";
	}else{
		if(mysql_num_rows($result)==0){
			//on va tester si c'est un vrai dossier du pc, sinon on met un message
			if(is_dir($_REQUEST["filepath"])){
				$query = "INSERT INTO param(name,value) VALUES('path','".$_REQUEST["filepath"]."')";
				$result = mysql_query($query);
			}else{
				$message_error="Error, it's not a valid folder.";
			}
		}else{
			$message_error="Error, this folder already exist in DataBase.";
		}	
	}			
}
if(isset($_REQUEST["delpath"])&&($_REQUEST["delpath"]=="1")&&(isset($_REQUEST["id"])&&($_REQUEST["id"]!=""))){
	//on va vérifier s'il existe en base. sinon on met un message:
	$req="select Id from param where name='path' and Id='".$_REQUEST["id"]."'";
	
	$result = mysql_query($req);
	if(mysql_num_rows($result)==1){
		$query = "delete from param where Id='".$_REQUEST["id"]."'";
		$result = mysql_query($query);
	}else{
		$message_error="Error, this folder do not exist in DataBase.";
	}	
}
?>
<html>
<head>
<title>Admin</title>
<link href="style.css" rel="stylesheet" />
</head>
<body>
<div id="menuAdmin"><a href="index.php">Retour au site</a></div>
<?php if(isset($message_error)&&($message_error!="")){?>
	<div class="divError"><?php echo $message_error?></div>
<?php }?>
<form action="" method="POST">
<input type="text" name="filepath">
<input type="submit" value="+">
<input type="hidden" name="noDirectory" value="2"><br/><br/>
<?php
// Creation et envoi de la requete
$query = "SELECT value,Id FROM param where name='path' ORDER BY name";

$result = mysql_query($query);
// Recuperation des resultats
if($result){
	while($row = mysql_fetch_row($result)){
		$FolderInBDD["name"]=$row["0"];
		$FolderInBDD["id"]=$row["1"];
		$path_divx[]=$FolderInBDD;
	}
}
?>
<table class="table_param">
<thead>
	<td>Liste des dossiers</td>
	<td></td>
</thead>
<?php
foreach($path_divx as $aPath){
	if($aPath["id"]!=""){
		echo "<tr onmouseover='this.class.name=selectedTr' onmouseout='this.class.name=UnSelectedTr'><td>".$aPath["name"]."</td><td><a href='?delpath=1&id=".$aPath["id"]."'>del</a></td></tr>";
	}
}
echo "</table>";
include "footer.php";
?>
</form>
</body>
</html>